Organizations and consumers increasingly use third-party services to store data. Third-party storage services may provide a number of benefits to customers, including flexibility, low capitalization requirements, off-site backups, and centralized access to data.
In order to maximize the efficiency of their storage systems, third-party storage vendors may attempt to deduplicate the data received from their customers. For example, if two customers each wish to store a copy of the same file, a third-party storage vendor may, instead of storing two copies of the file, store a single copy of the file and reference the copy twice. Furthermore, if one customer has already stored a copy of the file, and a second customer wishes to store a copy of the file, the second customer may simply transmit a fingerprint of the file instead of the entire file in order to save the time and/or computing resources ordinarily consumed in a full file transfer. A traditional deduplication system may then identify the fingerprint as corresponding to the file and reference the second customer as having a stored copy of the file within the deduplication system.
Unfortunately, by accepting fingerprints instead of requiring a full file transfer, such traditional third-party storage systems may facilitate illegitimate data acquisition. For example, a user may acquire a fingerprint of a common file (e.g., a video file, an audio file, etc.) without owning a copy of the file. The user may then request that a traditional third-party storage system store a copy of the file on behalf of the user by submitting the fingerprint. The user may then retrieve the full file from the traditional third-party storage system, potentially using the third-party storage system as an efficient piracy platform. Accordingly, the instant disclosure identifies and addresses a need for additional and improved systems and methods for verifying ownership of deduplicated data.